Use newer S3 configuration resources

2024-01-07 13:49:35 +00:00 · 2024-01-07 13:49:35 +00:00 · 9f13ace88c
parent 094091dd21
commit 9f13ace88c
1 changed files with 29 additions and 7 deletions
--- a/terraform/state.tf
+++ b/terraform/state.tf
@ -4,20 +4,42 @@ resource "aws_iam_user" "terraform" {

 resource "aws_s3_bucket" "tfstate" {
  bucket = "0rng-terraform"
-  acl    = "private"
+}

-  versioning {
-    enabled = true
+resource "aws_s3_bucket_versioning" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.id
+
+  versioning_configuration {
+    status = "Enabled"
  }
+}

-  lifecycle_rule {
-    enabled = true
+resource "aws_s3_bucket_server_side_encryption_configuration" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.bucket

-    noncurrent_version_expiration {
-      days = 10
+  rule {
+    apply_server_side_encryption_by_default {
+      sse_algorithm = "AES256"
    }
  }
+}

+resource "aws_s3_bucket_lifecycle_configuration" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.id
+
+  rule {
+    id     = "Delete old non-current versions"
+    status = "Enabled"
+
+    noncurrent_version_expiration {
+      noncurrent_days = 30
+    }
+  }
+}
+
+resource "aws_s3_bucket_acl" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.id
+  acl    = "private"
 }

 resource "aws_iam_user_policy" "modify-terraform-user" {